Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5ew8M3hiKaOgazXxiWY6i0KmIMw.roa
File: 5ew8M3hiKaOgazXxiWY6i0KmIMw.roa (raw, json)
Hash identifier: tfWrEIkHbpd5NoU8jQg4rhlrW8kTF9DDbvJJ2MVteY8=
Subject key identifier: E5:EC:3C:33:78:62:29:A3:A0:6B:35:F1:89:66:3A:8B:42:A6:20:CC
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCB37EB4E98EB6262683CF9F32567F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5ew8M3hiKaOgazXxiWY6i0KmIMw.roa
Signing time: Sun 01 Jan 2023 05:45:04 +0000
ROA not before: Sun 01 Jan 2023 05:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207743
IP address blocks: 91.239.225.0/24 maxlen: 24
64.43.77.0/24 maxlen: 24
64.43.78.0/23 maxlen: 23
109.207.134.0/23 maxlen: 23
176.96.92.0/23 maxlen: 23
64.43.96.0/23 maxlen: 23
64.43.98.0/23 maxlen: 23
93.120.26.0/24 maxlen: 24
93.120.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 12:53:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:b3:7e:b4:e9:8e:b6:26:26:83:cf:9f:32:56:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5ec3c33786229a3a06b35f189663a8b42a620cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1e:58:a3:0d:8b:0b:d2:18:4d:c0:4c:b0:cf:
49:59:ba:71:86:59:28:d3:34:3d:22:7f:cf:23:20:
cd:34:e5:ac:a6:ff:e7:0f:95:12:a3:fb:93:f1:bf:
c6:ae:d7:c8:dd:49:a8:a7:8b:ae:dd:ac:a0:93:d7:
89:c2:a1:7e:32:2c:88:c6:55:66:20:77:cc:42:eb:
f8:92:92:95:20:eb:b3:41:d3:1b:a9:80:9f:81:2e:
f2:bb:b1:48:e0:e1:af:85:3f:3c:c6:fc:04:46:7d:
90:7e:06:41:7c:f1:1f:cf:6d:1a:c9:7f:a2:db:1a:
f5:8e:02:f7:36:e3:0e:fd:11:df:ae:49:a0:10:70:
5e:8e:51:a6:f9:1a:eb:9d:64:01:78:09:c5:6b:10:
33:d8:a7:d0:5c:ee:a9:cd:6b:e7:1f:ce:40:94:40:
8c:82:13:eb:da:c4:31:03:45:06:52:2f:31:7c:95:
8f:01:c7:65:f9:5b:aa:20:b3:60:2b:56:92:38:0b:
7a:5a:e0:5a:d5:f8:82:c0:d1:af:bc:b4:31:fa:6d:
49:56:a6:b7:39:a3:25:af:8d:38:f1:7a:a9:53:09:
39:a4:e2:21:3c:3b:87:1d:e0:b4:08:41:c4:eb:b3:
5c:64:8c:83:cc:12:b0:44:e3:96:df:4e:0a:e5:94:
ac:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:EC:3C:33:78:62:29:A3:A0:6B:35:F1:89:66:3A:8B:42:A6:20:CC
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5ew8M3hiKaOgazXxiWY6i0KmIMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.77.0-64.43.79.255
64.43.96.0/22
91.239.225.0/24
93.120.26.0/24
93.120.32.0/24
109.207.134.0/23
176.96.92.0/23
Signature Algorithm: sha256WithRSAEncryption
64:9a:fb:41:46:85:71:1b:ed:69:7d:ed:01:53:ac:ef:29:11:
5c:25:68:0d:90:3e:c6:15:03:48:3e:ea:7e:3c:ce:cb:59:0c:
1a:5c:c5:b0:a6:23:13:0b:5c:00:5d:cf:bb:08:3d:f9:7e:60:
78:ee:76:0f:af:90:c5:8a:d1:1c:1d:21:36:9c:a3:40:95:bc:
c0:64:00:eb:cf:56:20:0a:d5:1c:0f:6c:8b:26:27:e4:39:9e:
5e:05:41:95:80:ae:99:34:82:87:f4:4a:3d:3b:dc:84:59:92:
31:b7:99:82:39:4b:28:18:4e:37:17:91:6b:1d:6c:a3:e8:0d:
f3:a0:16:80:0a:d0:b7:ca:1e:65:93:48:e1:46:74:a6:bc:ae:
27:58:52:1c:16:00:a8:12:3c:9e:0f:b3:10:c8:4e:42:9c:ab:
ff:50:26:ae:79:68:a6:08:4d:c1:d4:e3:7f:49:7b:65:80:f7:
f8:98:dc:dc:51:46:65:b5:6d:b4:75:fd:5f:e5:1f:fc:bc:c7:
4e:ac:0d:0f:7b:24:7f:6e:fd:92:d3:0d:16:96:17:dc:36:01:
fb:1f:7d:ed:82:49:e7:9e:0f:d8:d2:26:7a:d5:5d:75:e7:14:
81:a0:7c:45:f5:cb:17:fc:75:a4:1a:d7:69:c0:e2:c3:76:56:
65:c1:ca:0e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVr3LN+tOmOtiYmg8+fMlZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWVjM2MzMzc4NjIyOWEzYTA2YjM1ZjE4OTY2M2E4YjQyYTYyMGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh5Yow2LC9IYTcBMsM9JWbpxhlko
0zQ9In/PIyDNNOWspv/nD5USo/uT8b/GrtfI3Umop4uu3aygk9eJwqF+MiyIxlVm
IHfMQuv4kpKVIOuzQdMbqYCfgS7yu7FI4OGvhT88xvwERn2QfgZBfPEfz20ayX+i
2xr1jgL3NuMO/RHfrkmgEHBejlGm+RrrnWQBeAnFaxAz2KfQXO6pzWvnH85AlECM
ghPr2sQxA0UGUi8xfJWPAcdl+VuqILNgK1aSOAt6WuBa1fiCwNGvvLQx+m1JVqa3
OaMlr4048XqpUwk5pOIhPDuHHeC0CEHE67NcZIyDzBKwROOW304K5ZSsIQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOXsPDN4YimjoGs18YlmOotCpiDMMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNWV3OE0zaGlLYU9nYXpYeGlXWTZpMEttSU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBABAK00D
BARAK0ADBAJAK2ADBABb7+EDBABdeBoDBABdeCADBAFtz4YDBAGwYFwwDQYJKoZI
hvcNAQELBQADggEBAGSa+0FGhXEb7Wl97QFTrO8pEVwlaA2QPsYVA0g+6n48zstZ
DBpcxbCmIxMLXABdz7sIPfl+YHjudg+vkMWK0RwdITaco0CVvMBkAOvPViAK1RwP
bIsmJ+Q5nl4FQZWArpk0gof0Sj073IRZkjG3mYI5SygYTjcXkWsdbKPoDfOgFoAK
0LfKHmWTSOFGdKa8ridYUhwWAKgSPJ4PsxDITkKcq/9QJq55aKYITcHU439Je2WA
9/iY3NxRRmW1bbR1/V/lH/y8x06sDQ97JH9u/ZLTDRaWF9w2Afsffe2CSeeeD9jS
JnrVXXXnFIGgfEX1yxf8daQa12nA4sN2VmXByg4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org